1994 1995 1996 1997 1998 <1999> 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 | Index | 1994 1995 1996 1997 1998 <1999> 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 |
<== Date ==> | <== Thread ==> |
---|
Subject: | Re: Protecting EPICS IOCs on ethernet |
From: | Chip Watson <[email protected]> |
To: | "John A. Priller" <[email protected]> |
Cc: | "Tech-Talk (E-mail)" <[email protected]> |
Date: | Mon, 25 Jan 1999 08:48:28 -0500 |
John, As others have said, Jefferson also uses the router/firewall technique. The router refuses to route to the IOC's except from a designated list of machines outside of that subnet which need access to a few signals. This would be my recommendation to you. (We also use a CDEV gateway in the same way that APS uses a channel access gateway; we have one gateway providing readonly access, and another within the secured subnet with read/write access). Chip